CVE request: kernel: ptrace_attach: fix the usage of ->cred_exec_mutex

[Eugene Teo <eugene () redhat com>]

This vulnerability was introduced in commit d84f4f99 ("CRED: Inaugurate
COW credentials"), and was fixed in commit cad81bc2 ("ptrace:
ptrace_attach: fix the usage of ->cred_exec_mutex").

It affects kernel 2.6.29.

The patch ensured that both ptrace_attach() and the tracee are
serialised by the tracee's cred_exec_mutex. If not, the race can be
exploited by calling ptrace(PTRACE_ATTACH) to the task in the middle of
exec(setuid_application). This could result in a local privilege escalation.

Thanks, Eugene